[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request: Two memory corruption vulnerabilities ldns 1.7
From:       Andrej Nemec <anemec () redhat ! com>
Date:       2017-04-27 14:14:27
Message-ID: 9d804ae1-0f52-2d83-f3a1-52a97d28e903 () redhat ! com
[Download RAW message or body]

[Attachment #2 (multipart/mixed)]


Hello Stephan,

Unfortunately, CVE assignments are not done through this list anymore.
You need to visit [1] and request a CVE by filing out the form. Could
you please look at it and let the list know about the assigned CVE?

Thanks!

[1] https://cveform.mitre.org/

Best Regards,

-- 
Andrej Nemec, Red Hat Product Security
3701 3214 E472 A9C3 EFBE 8A63 8904 44A1 D57B 6DDA

On 04/27/2017 12:54 PM, Stephan Zeisberg wrote:
> Hi,
>
> i discovered two memory corruption vulnerabilities (double free) in ldns
> 1.7.0:
>
> * https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
> * https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
>
> and reported it to https://www.nlnetlabs.nl/bugs-script/
>
> Both fixed in upstream (in development branch):
> * for bug 1256: https://git.nlnetlabs.nl/ldns/commit/?id=c8391790
> * for bug 1257: https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02
>
> Could you please assign CVE(s) for the vulnerabilites?
>
> Thanks,
> Stephan


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]